Honolulu-based University of Hawaii Cancer Center paid a ransom to hackers to prevent them from releasing patient data.
In August, the cancer center discovered a cybersecurity incident limited to servers supporting its research operations, according to a report to the 2026 state legislature filed in December. Due to the hackers’ encryption with ransomware, it took “a while” to restore the affected systems.
“While the investigation was underway, UH made the difficult decision to engage with the threat actors in order to protect the individuals whose sensitive information may have been compromised,” the organization wrote. “Keeping external stakeholders informed, UH worked with an external team of cybersecurity experts to obtain a decryption tool and to secure destruction of the information the threat actors illegally obtained.”
The cancer center learned in December that Social Security numbers belonging to patients who participated in research studies in the 1990s were compromised and plans to notify them. The organization has also bolstered its cybersecurity, installing endpoint protection software with 24/7 monitoring and rebuilding its network with a new firewall containing enhanced security controls.
Leave a Reply